An anonymous reader shares a report: Chat & Ask AI, one of the most popular AI apps on the Google Play and Apple App stores that claims more than 50 million users, left hundreds of millions of those users’ private messages with the app’s chatbot exposed, according to an independent security researcher and emails viewed by 404 Media. The exposed chats showed users asked the app “How do I painlessly kill myself,” to write suicide notes, “how to make meth,” and how to hack various apps.
The exposed data was discovered by an independent security researcher who goes by Harry. The issue is a misconfiguration in the app’s usage of the mobile app development platform Google Firebase, which by default makes it easy for anyone to make themselves an “authenticated” user who can access the app’s backend storage where in many instances user data is stored.
Harry said that he had access to 300 million messages from more than 25 million users in the exposed database, and that he extracted and analyzed a sample of 60,000 users and a million messages. The database contained user files with a complete history of their chats with the AI, timestamps of those chats, the name they gave the app’s chatbot, how they configured the model, and which specific model they used. Chat & Ask AI is a “wrapper” that plugs into various large language models from bigger companies users can choose from, Including OpenAI’s ChatGPT, Anthropic’s Claude, and Google’s Gemini.
Spotify is adding group chats to the messaging service it premiered last year. In an addendum to the original blog post introducing Messages, the company announced that users can initiate chats with up to 10 of their friends to share the podcasts, playlists and songs they are listening to.
The in-app messaging feature, which was released last August, works to keep users on the app instead of navigating to another platform to share content with friends. Since its introduction, Spotify has added functionality bit by bit. Earlier this month, the company added the ability to share what you’re listening to in real-time. Users can also invite chat participants to join a Jam, the app’s collaborative listening tool.
Spotify isn’t the only content platform trying to make in-app messaging a thing. Late last year, YouTube said it would be testing DMs, after originally adding the feature in 2017 before removing it in 2019.
This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/spotify-has-a-group-messaging-feature-now-173734450.html?src=rss
To avoid a court proceeding, Google has agreed to a $135 million class-action settlement over its data collection practices with Android. News of the settlement was first reported by Reuters. Upon approval by a judge, the settlement could see Android users in the U.S. getting up to $100 each, provided they qualify.
The settlement was filed in San Jose, California on Tuesday evening, and focused on claims that Google collected unnecessary cellular data from customers even when Google apps were closed, location-sharing was disabled, and screens were locked. The lawsuit alleges that Google collected the data with the intent of “conversion,” a legal term that in this case would likely mean using the captured data for product development and targeted advertising.
Google denied any wrongdoing, but as part of the settlement, agreed to not transfer data during Android set-up without consent from the user. The company will also initiate new toggles within Android to stop further cellular data transfers, and disclose any data transfers in its Google Play terms of service.
According to Glen Summers, a lawyer for the plaintiffs, the $135 million payout is the largest ever in a conversion case. While the settlement is still awaiting approval from a judge, given Summers’ comments, it’s likely the plaintiffs will accept it. Here’s how to determine if you can claim your slice of that pie.
Who is eligible for a payment in the Android settlement?
Google’s settlement covers a fairly wide swath of users: anyone who has used an “Android-powered mobile device” since Nov 12, 2017. However, there appear to be a few caveats. Specifically, because the class-action applies to cellular data, it’s unlikely to apply to users of any wifi-only devices, like many Android tablets.
How much you can get in the Android settlement
Payments for the class-action settlement cap out at $100 per class member, although it’s unclear whether all users can expect to get that much. Reuters states that lawyers for the class-action may seek up to roughly 30% of the settlement in legal fees, and while there aren’t any official numbers on how many Android users there are in the U.S., estimates from third-party firms place the count at roughly 40% of the mobile market overall. As such, $135 million might be spread pretty thin across all eligible class members.
When payments could go out
An initial trial date for the case was originally scheduled for Aug. 5, although the judge could approve the settlement prior to then. Class-action settlements can take anywhere from a few weeks to a few months to be approved, in order to ensure the settlement is fair to all class members and doesn’t show any signs of collusion.
How you’ll know when a payment has been sent
The methods of contacting eligible class members varies from case to case. In some instances, payment is automatic. However, in many cases, a website is set up where users must file a claim, and physical mail and emails are sent out with PIN numbers and IDs to ensure as many class members know about their eligibility as possible. The company offering the settlement is often involved in sending out these notices, so if you believe you’re affected, keep an eye out for an email or physical letter from Google, as well as for a settlement website to be set up.
If you believe you’re eligible but don’t receive any communication, there will also usually be an email address you can contact. This email address will usually be specific to the case, and while it hasn’t been revealed yet, it might be worth reaching out to Google Support if you’re worried about missing any deadlines.
Other current Google settlements you may qualify for
Google’s data collection settlement isn’t its only big class action payout as of late. The company also recently agreed to pay $68 million in another settlement involving Google Assistant after an accusation that it listened in on users without their consent. Google also denied wrongdoing in this instance.
If approved, the settlement will apply to anyone who had at least one device with Google Assistant pre-installed on it as early as 2016. Those who purchased the device will receive anywhere from $18 to $56, while those who lived in a household with one of these devices in it could earn $2 to $10. Steps for receiving your money will likely be similar to those in the Android data collection case.
Humans can’t live without lungs. And yet for 48 hours, in a surgical suite at Northwestern University, a 33-year-old man lived with an empty cavity in his chest where his lungs used to be. He was kept alive by a custom-engineered artificial device that represented a desperate last-ditch effort by his doctors. The custom hardware solved a physiological puzzle that has made bilateral pneumonectomy, the removal of both lungs, extremely risky before now.
The artificial lung system was built by the team of Ankit Bharat, a surgeon and researcher at Northwestern. It successfully kept a critically ill patient alive long enough to enable a double lung transplant, temporarily replacing his entire pulmonary system with a synthetic surrogate. The system creates a blueprint for saving people previously considered beyond hope by transplant teams.
Melting lungs
The patient, a once-healthy 33-year-old, arrived at the hospital with Influenza B complicated by a secondary, severe infection of Pseudomonas aeruginosa, a bacterium that in this case proved resistant even to carbapenems—our antibiotics of last resort. This combination of infections triggered acute respiratory distress syndrome (ARDS), a condition where the lungs become so inflamed and fluid-filled that oxygen can no longer reach the blood.
Remember the Samsung 9100 PRO? We reviewed it back in August. It’s an amazing performer, and despite being a high-end PCI Express 5.0 SSD offering sequential speeds in excess of 13GB/second, it actually runs pretty cool thanks to the use of a custom 5nm “Presto” SSD controller. If you wanted an SSD 9100 PRO but you’ve only got an M.2-2242
Phones are valuable targets. If someone can steal your device, especially if they know how to break into it, they have access to a huge amount of your sensitive data. As such, good security features can mean the difference between losing that data, or protecting it entirely—even if your phone is long gone. Google has a number of anti-theft features baked in Android, appropriately called “Theft Protection Features.” While the company isn’t announcing a slate of new features today, it did announced new updates to its existing Android Theft Protection features in a post on the company’s Security Blog Tuesday. Here’s what’s new:
Google’s updated Theft Protection Features for Android
First, the company announced updates to authentication safeguards, which apply to all Android devices running Android 16 or newer. That includes a new dedicated toggle in settings for Failed Authentication Lock, which automatically locks your screen after someone tries to guess your password too many times. Now, you can choose whether or not to keep this feature on right from settings.
Google is also increasing the amount of time your phone locks up after too many failed passcode attempts, which reduces the chance for someone to break into your phone. I wouldn’t have thought of this, but Google notes that it has included protections against children that try to break into your phone, by not counting identical passcode attempts against this retry limit. And while it isn’t new, Google highlighted that since late 2025, all features and apps that use Android Biometric Prompt now work with Identity Check, which prevents unauthorized users from changing sensitive settings without a successful biometric authentication—meaning a face or fingerprint scan.
The company also announced enhancements to features that are available to devices running at least Android 10. First is an update to Remote Lock, which lets you lock up your phone from a web browser if it is stolen or goes missing. Now, you can set up a security question as part of the unlocking procedure. Even if someone knows your credentials, they’d need to know the answer to your security challenge before they could unlock your device. Tip: If you make the answer something nonsensical, you’ll be even more protected (e.g., What is your mother’s maiden name? h7r_t*2#). Just be sure to file that answer somewhere safe, like a password manager.
Users in Brazil also have two new security settings enabled by default. The first is Theft Detection Lock, which can detect when your device has been snatched out of your hand in a likely theft situation. The second is Remote Lock, so users in Brazil can take advantage of the above benefits without having to set anything up first—other than the option security challenge question, of course.
These updates might not be revolutionary, but they should help boost your Android’s security a bit—and prevent your kids from locking you out of your phone for the day.
Libcamera 0.7 was published today for this modern software library for image signal processors (ISPs) and embedded cameras under Linux. The standout change with libcamera 0.7 is initial plumbing for GPU acceleration in the software ISP “SoftISP” for delivering better performance than just CPU-based…
Microsoft’s Xbox hardware revenue fell 32% in the final quarter of 2025 and overall gaming revenue declined 9% year-over-year, according to the company’s latest quarterly earnings, released as part of results showing Microsoft’s total revenue exceeded $80 billion.
Xbox content and services revenue, which includes Game Pass, dropped 5%.
Forget rotisserie chicken and oversized barrels of mayo, Costco’s hottest commodity right now just might be RAM and GPUs. With prices of computer memory, storage, and graphics cards going for two to three times more than normal, shoplifters have been hitting big box stores like Costco and Walmart, and those business are now taking action.
From Russia with software freedom, MiniOS Ultra 5.1 serves up a compact Debian‑based distro with an impressive range of built‑in tools. We have screenshots!
A recent Google Pixel feature is reportedly turning on the microphone when it’s not supposed to, and Google’s finally acknowledged that there’s a bug. Reports started as early as last September and gained traction last week, and now, Google has removed the feature on some older phones.
Called “Take a Message,” the buggy feature was released last year and is supposed to automatically transcribe voicemails as they’re coming in, as well as detect and mark spam calls. Unfortunately, according to reports from multiple users on Reddit (as initially spotted by 9to5Google), the feature has started turning on the microphone while taking voicemails, allowing whoever is leaving you a voicemail to hear you. Audio leaks are bad in any circumstance, but they must feel especially nasty if you’re trying to pretend you’re not there.
Affected users have have found that while the caller can hear the audio from the person receiving the voicemail, there’s no indication on the receiver’s end that their audio can be heard, aside from the green microphone indicator possibly turning on.
The issue has been reported affecting Pixel devices ranging from the Pixel 4 to the Pixel 10, and on a recent support page, Google’s finally acknowledging it. However, the company’s action might not be enough, depending on how cautious you want to be.
According to Community Manager Siri Tejaswini, the company has “investigated this issue,” and has confirmed it “affects a very small subset of Pixel 4 and 5 devices under very specific and rare circumstances.” The post doesn’t go any further on the how and why of the diagnosis, but says that Google is now disabling Take a Message and “next-gen Call Screen features” on these devices.
Next-gen Call Screen is a separate feature that allows Google’s AI to ask a caller their name and the purpose of their call before taking a message. No bugs have been reported for it, but Google says it’s disabling both features out of “an abundance of caution.”
While this should prevent the issue from popping up for users with those phones, it’s a bit of a heavy-handed fix. I’ve reached out to Google to check if Take a Message is only being removed temporarily while the company fixes the bug, or if it will now be permanently gone. In the meantime, Tejaswini does say that Pixel 4 and 5 owners will still be able to use manual and automatic Call Screening, which provide basic protection against spam. The post also suggests that affected users can rely on any call screening features provided by their cellular carriers.
How to disable Take a Message on your Pixel phone
While it’s encouraging that Google is taking action on the Take a Message bug, the company only seems to be acknowledging it for Pixel 4 and Pixel 5 models, at least for now. I’ve asked Google whether owners of other Pixel models should be worried, as user reports seem split on this. Still, because some have mentioned an issue with even the most up-to-date Pixel phone, if you want to practice your own abundance of caution, it might be worth disabling Take a Message on your device, regardless of its model number.
To do this, open your Phone app, then tap the three-lined menu icon at the top-left of the page. Navigate to Settings > Call Assist > Take a Message, and toggle the feature off.
Slated for introduction in the next kernel cycle (Linux 6.20~7.0) is introducing large receive buffer support for IO_uring’s zero-copy receive code path. This large receive buffer support can be very beneficial for those with higher-end networking hardware capable of handling the larger buffers for some significant performance and efficiency wins…
An anonymous reader shares a report: Windows 11 now has one billion users. Microsoft hit the milestone during the recent holiday quarter, meaning Windows 11 has managed to reach one billion users faster than Windows 10 did nearly six years ago.
“Windows reached a big milestone, 1 billion Windows 11 users,” said Microsoft CEO Satya Nadella on the company’s fiscal Q2, 2026 earnings call. “Up over 45 percent year-over-year.” The growth of Windows 11 over the past quarter will be related to Microsoft’s end of support for Windows 10, which also helped increase Microsoft’s Windows OEM revenues.
Big news for runners with an Apple Watch: You can now follow Strava routes directly from your wrist. Route navigation on Strava-compatible watches isn’t exactly new technology—it’s just been inexplicably absent from Apple’s platform until now. In a Reddit post from Strava’s product team, the news was welcomed by runners, cyclists, and hikers who’ve long wondered why their Apple Watch couldn’t do what Garmin and Coros devices have offered for years.
What’s new with Strava’s Apple Watch app
The core update here is users can now view maps directly on their Apple Watch during activities, seeing both where they’re headed and how to backtrack if they take a wrong turn. For subscribers, saved Routes work hands-free and function offline, eliminating the need to pull out your phone mid-run or mid-ride to check directions.
To access routes directly on your watch, press the Route icon while selecting the Sport Type that you’ll record. Once you’ve selected the saved route you want to follow, the activity will start recording.
To then access the map while in the middle of recording your activity, simply swipe up on your watch face. Once on the map screen, you will be able to follow your live location and, if added, your saved route. To zoom or pan the map, tap the watch face to unlock interactive mode. If you want to turn back to your Stat screen, tap the back icon or use the watch scroll button.
Alongside route navigation, Strava added two more training features:
Custom Laps let you mark intervals with a single tap, useful for tempo runs, hill repeats, or comparing efforts against your previous performances.
Live Segments provide real-time feedback when you hit a tracked segment. Subscribers can see whether they’re ahead or behind their personal record as it happens, while all users get live progress updates.
As always, you can also turn to route suggestions that draw from Strava’s massive activity database full of actual paths that real users have tested and preferred.
The bottom line
For Apple Watch users who’ve grown accustomed to working around Strava’s limitations, this update rocks. Less phone checking means more attention on the road, trail, or effort itself.
Maybe it’s taken longer than it should have, but Apple Watch users are finally caught up. Whether that’s enough to satisfy those who’ve already migrated to other platforms remains to be seen, but for the loyal holdouts, it’s about time.
Cyclist Brennan King has completed an astonishing feat of gastric endurance, eating over 11kg of oats in a single week, suffering innumerable “horrific” bathroom breaks while cycling over 1,000km in a challenge that, by his own admission, offered no insight beyond what not to do.
With almost 4 million views on his Instagram original post, King’s videos have captivated and disgusted a huge audience over the past seven days.
Posting on the final day, King said he “set oat [sic] to answer a question absolutely nobody was asking”.
Speaking to BikeRadar, King explained his decision to undertake the brutal challenge: “My family buys our oat supply in 25lbs (11kg) bags, and we go through them pretty quickly. So, naturally, I had to wonder how quickly I could make it through one on my own.”
King said he ran the numbers, weighed out the portions, “and it seemed to me like it might (just might) be possible to do it in a week”.
“If I had known how much of a challenge it would be, then I would probably have thought about it a little harder,” he said, admitting he “wouldn’t be able to get the idea out of my head without giving it a go.”
A keen long-distance rider since 2019, King’s latest two-month 10,000km adventure took him from his home in Vancouver, Canada, to Banff. He then tackled the legendary Tour Divide from Banff to the Mexico/US border, before riding back to Montreal for the start of the school year.
Other challenges of epic proportions include riding for 24 hours straight on Zwift for his 23rd birthday, when he averaged 268W for 960km (he hopes to crack the 1,000km mark for his 25th birthday).
However, all of these challenges pale in comparison to the gastric mountain he has just summited.
Mixing things up with a range of recipes pushed his overall calorific intake beyond oats alone. He says: “I was also eating other foods that I was adding to the oat-based meals that I was making. My calculations say that I ate 59,931 calories over the course of the week.”
Though he peppered in a bit of running, hiking and swimming, King rode with a power meter throughout the week, and estimates he burned 52,979 calories.
He adds that “despite the roughly 7,000 calories in excess, I weighed 0.4lbs lighter at the end of the week”.
His weight loss can probably be attributed to the other obvious physical challenges the monotrophic diet presented.
King is unflinching in his description of the trials he faced: “It was horrific. So much diarrhoea.”
Falling behind his required schedule towards the end of the challenge forced King to up his intake on the final day: “I had to up my consumption to 2.4kg of oats on the last day to finish the challenge.”
Waking at 4.30am, King said that to “develop the appetite of a horse, I’d need to exercise like a horse”.
Riding laps around a local park, King explains that he “fell into an easy rhythm of stopping every 4 laps to eat my oats and shit my guts out
“Having the bathroom close by was critical to the mission – I had to stop off at a bathroom nearly once per hour during my 12-hour ride.”
Though his resolve wobbled towards the end, King says there was only one thing for it: “Keep on biking, and keep on eating oats.”
So, “in a state of delirium and utter gut discomfort”, King finished the challenge having cycled 335km – and eating more oats than he cares to recount.
King used a variety of recipes to make the challenge tolerable. Brennan King
King admits the gastric challenge extended beyond the obvious: “It was tricky to come up with tasty recipes because I was trying to use as many oats as possible without too many additives. The trick was to add as little as possible while still making it palatable”
Highlights included a banana oat loaf, classic oats paired with Greek yoghurt, and oat borscht.
However, not every recipe was a hit: “By far my most horrific creation was after a long day when I was tired and just wanted to get some hydration in, so I put a chicken bouillon cube in a bunch of hot water and added oats to that to make a soup. That was despicable.”
On the last day, he was also forced to pair a simple granola with Red Bull: “This was a dark day for oat lovers everywhere.”
What did he learn?
Oats are not on the menu for the foreseeable future. Brennan King
So what did King learn from his monumental challenge? “I can’t say that I gained all that much insight from the challenge – at least not anything valuable about what you should be doing,” he admits.
“The on-bike nutrition was really the main hurdle. I think oats and their fibre content are great fuel for off the bike, but trying to ride for 12 hours by eating 2.4kg of them was never a good idea.”
Regardless, he says he “still needed to give it a try”, and that he expected to be in top form having “come off possibly the craziest block of gut training that any cyclist has ever undergone”.
Looking ahead, although his expectations are modest, King is targeting the Canadian National road championships. While he admits he’s come to racing late in life, his dream is to race on a WorldTour team, or on the American gravel circuit.
And what about his taste for porridge, granola and other oaty delights? “I’ll need some time away from oats for a bit,” he says. “I still love oats, but this past week has put some strain on our relationship, so I don’t want to rush anything.”
NASA has taken the wraps off Athena, the space agency’s most potent supercomputer yet. It’ll be tasked with things like aircraft and spacecraft modeling, rocket launch simulations, large-scale AI training, etc.
Housed at NASA’s Modular Supercomputing Facility (within Ames Research Center in Silicon Valley) and just brought fully online
Jeff Mahoney, who
holds a vice-president position at SUSE, has posted a detailed
proposal for improving the governance of the openSUSE project.
It’s meant to be a way to move from governance by volume or
persistence toward governance by legitimacy, transparency, and
process – so that disagreements can be resolved fairly and the
project can keep moving forward. Introducing structure and
predictability means it easier for newcomers to the project to
participate without needing to understand decades of accumulated
history. It potentially could provide a clearer roadmap for
developers to find a place to contribute.
The stated purpose is to start a discussion; this is openSUSE, so he is
likely to succeed.
